By Heather Stratford-Geibel
The cybersecurity talent shortage is at a 12-year high. This global issue has been forecast for the last decade but is increasing in scope and severity. It is currently estimated that 3.5 million cybersecurity jobs will be unfilled worldwide by 2021. This is especially concerning for employers over the next 5 years.
Between September 2017 and August 2018, “U.S. employers in the private and public sectors posted an estimated 313,735 job openings for cybersecurity workers,” which falls in line with the prediction for 2021. Another supporting source for the increasing cybersecurity shortfall is from the technology certification body (ISC)2. (ISC)2’s new online survey highlights the inability of cybersecurity job forecasts to keep up with the cybercrime epidemic, stating “the cybersecurity workforce gap is on pace to hit 1.8 million by 2022 — a minimal year-over-year increase in cyber security job openings over nearly a decade.” Their smaller number appears to contradict other studies; however, the discrepancy is due to their focus being narrowed in on information security jobs and not the entire field of cybersecurity.
All indicators say that the gap in supply and demand for the cybersecurity industry is widening. The impact on employers is real and significant.
As organizations look to hire cybersecurity professionals, they are facing stiff competition finding talent to fill an ever increasing number of job vacancies. Within cybersecurity, there are 2.3 existing cybersecurity workers for the number of current cybersecurity job openings. Which means two things: first, “The field of cyber security is the least populated of any field of technology” and that “employers have fewer opportunities to ‘poach’ cybersecurity workers from other companies; and must look to other tactics – cyber training for current workers, or attracting new talent, for example – to fill their needs for cybersecurity professionals.”
Within the past year, more than 200 cybersecurity firms have raised capital, intensifying the competition for existing skilled cybersecurity workers. This intensifies the existing labor crunch. And that is in addition to the rising need for workers due to increased cybercrime. Employees may feel inclined to change companies for promotion or better salaries, taking advantage of the shortage and leaving employers fighting to find replacements. Keeping a cybersecurity employee, by investing in them, is the best long-term strategy.
Without investing in current employees and reimagining their approach to finding and retaining talent, the workforce shortage will continue to grow. According to Rob Joyce, senior cyber advisor to the director of the National Security Agency, “There is a growing gap between what we have and what we need. We’ve got to make systemic changes to meet that gap.” The secret in filling the skill gap may be in looking beyond the classically trained ideal and looking for individuals who possess other skills and could learn the skills required to succeed in the field.
Cybersecurity is failing to attract two significant populations into the field. The first group are millennials. The Global Information Security Workforce Study by (ISC)2 “revealed that only seven percent of cyber security professionals surveyed were under age 29, and 13 percent were between ages 30 and 34,”with the average age being 42. The second underrepresented and overlooked group is women. Currently only 11% of the workforce is female. Increasing diversity in the workforce is the only way to fill the growing need moving forward.
For employers, in order to survive the employee shortage, a change of approach is necessary. The best approach will be to invest in current employees, develop the skill profiles in desirable candidates, and look outside traditional pools — to women, millennials, and those traditionally overlooked but with the ability to learn and grow.
If employers embrace this new approach to retaining, retraining, and expanding their own talent pools, the shortage may end up being a blessing in disguise as studies have reported that increased diversity improves performance and profitability.
Reprinted from stronger.tech.com at: https://stronger.tech/the-cybersecurity-job-outlook-2019-part-1-employers/